4 matches found
SUSE CVE-2025-7445
Kubernetes secrets-store-sync-controller in versions before 0.0.2 discloses service account tokens in logs...
CVE-2025-7445
creationtimestamp| type| source ---|---|--- 2025-09-05 01:07:05+00:00| seen| https://bsky.app/profile/kubernetes.dev/post/3ly2hufadhn2o 2025-09-05 05:15:51+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ly2vrafyhq2f 2025-09-05 13:21:11+00:00| seen|...
secrets-store-sync-controller discloses service account tokens in logs
A security issue was discovered in secrets-store-sync-controller where an actor with access to the controller logs could observe service account tokens. These tokens could then potentially be exchanged with external cloud providers to access secrets stored in cloud vault solutions. Tokens are onl...
MAL-2025-7445 Malicious code in @crabas0npm/officiis-soluta-quos (npm)
The package @crabas0npm/officiis-soluta-quos was found to contain malicious code...